News

Careful what you install on your smartphone. The number of malware programs masquerading as legitimate mobile apps grew by more than 600 percent in 2012, according to a new survey by the networking company Juniper.

Juniper’s third annual report on the state of mobile security is out today. It says the firm detected a total of 276,259 mobile malware apps, up from 28,500 in 2011 and only 11,000 in 2010.

The mobile platform with the biggest target on its back is Google’s Android. Juniper says that malware aimed at phones running that operating system account for 92 percent of all mobile malware it has encountered.

The report goes on to explain that mobile malware for Apple’s iOS, the next-most-popular platform in terms of market penetration, is “noticeably absent” from its malware sample database. “Theoretical exploits for iOS have been demonstrated, as well as methods for sneaking malicious applications onto the iOS App Store,” the report says, but criminals have tended to favor Android as their target, because there is less oversight on the process of releasing applications into the wild.

About 73 percent of mobile malware was either FakeInstallers or SMS Trojans, which exploit holes in mobile payment systems to turn a quick profit. And they get around. Juniper says it found more than 500 third-party Android app stores operating around the world — and few catering to jailbroken iOS devices — distributing instances of malware.

Another issue facing Android users is the multiple variants of the OS in circulation. Juniper cites Google as saying that as of June 3 only four percent of Android users were running the most recent version of the OS which cleans up vulnerabilities that are exploited by about 77 percent of Android malware.

It’s also just the latest in a series of industry reports tracking the rising concern of mobile security. Earlier this month, the security software firm Check Point reported the findings of a survey suggesting that most businesses experienced some kind of mobile security incident in the past year.

That’s not hard to imagine, especially in light of some of the newer tactics being employed by malware creators. In April, Lookout noticed that some malware it dubbed BadNews behaves in a perfectly benign manner at first, only serving up ads, but later pivots to using its access to the phone to install more malignant malware.